/django/contrib/sessions/middleware.py
Python | 43 lines | 35 code | 3 blank | 5 comment | 6 complexity | 40f820f12741ccca802565c32588ec31 MD5 | raw file
Possible License(s): BSD-3-Clause
1import time 2 3from django.conf import settings 4from django.utils.cache import patch_vary_headers 5from django.utils.http import cookie_date 6from django.utils.importlib import import_module 7 8class SessionMiddleware(object): 9 def process_request(self, request): 10 engine = import_module(settings.SESSION_ENGINE) 11 session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None) 12 request.session = engine.SessionStore(session_key) 13 14 def process_response(self, request, response): 15 """ 16 If request.session was modified, or if the configuration is to save the 17 session every time, save the changes and set a session cookie. 18 """ 19 try: 20 accessed = request.session.accessed 21 modified = request.session.modified 22 except AttributeError: 23 pass 24 else: 25 if accessed: 26 patch_vary_headers(response, ('Cookie',)) 27 if modified or settings.SESSION_SAVE_EVERY_REQUEST: 28 if request.session.get_expire_at_browser_close(): 29 max_age = None 30 expires = None 31 else: 32 max_age = request.session.get_expiry_age() 33 expires_time = time.time() + max_age 34 expires = cookie_date(expires_time) 35 # Save the session data and refresh the client cookie. 36 request.session.save() 37 response.set_cookie(settings.SESSION_COOKIE_NAME, 38 request.session.session_key, max_age=max_age, 39 expires=expires, domain=settings.SESSION_COOKIE_DOMAIN, 40 path=settings.SESSION_COOKIE_PATH, 41 secure=settings.SESSION_COOKIE_SECURE or None, 42 httponly=settings.SESSION_COOKIE_HTTPONLY or None) 43 return response